There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpf_sys_bpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAP_BPF can arbitrarily read memory from anywhere on the system. We recommend upgrading past commit 86f44fcec22c
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Google
Published: 2022-09-23T11:10:08.764098Z
Updated: 2024-09-17T03:49:02.183Z
Reserved: 2022-08-11T00:00:00
Link: CVE-2022-2785
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-09-23T11:15:09.510
Modified: 2023-11-07T03:46:53.227
Link: CVE-2022-2785
Redhat